Checking Cisco WSA For New Updates Availablity

In this post I will share my PowerShell code for querying the availability of new updates for Cisco WSA (Web Security Virtual Appliance). Unfortunately, Cisco has not created API for this product for querying the status, so I've created script with web requests that basically simulate user's interaction for accessing the web page with updates status info, that looks like this :

The column of interest is "New Update".

I will break the code in several sections for easy reading. So, here is the first part, where I'm ignoring the web certificate provided by the Cisco WSA :

add-type -TypeDefinition  @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
    public bool CheckValidationResult(
        ServicePoint srvPoint, X509Certificate certificate,
        WebRequest request, int certificateProblem) {
        return true;
    }
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

In the next part, I'm collecting the proper credential for checking the updates status, and passing them to the Cisco WSA. In the web request, I'm creating the session variable ses, and collecting the CSRF token and storing it into $csrf variable.

$credential = get-credential -username user -Message "Type Credential"
$Req = Invoke-WebRequest 'https://cisco.wsa.url/login' ` -UseBasicParsing -SessionVariable ses
if (-not $? -or $Req.Content -notmatch '<.+csrf.+value=\"(.+)\"') {
                         return
                       }
$Csrf = $Matches[1]

Creating the body for the request, and sending to the login form of Cisco WSA:

$Body = @username = "$($credential.username)"; ` password = "$($Credential.GetNetworkCredential().password)"; ` action = "Login"CSRFKey = "$Csrf"}
$loginp = Invoke-WebRequest -Uri ("https://cisco.wsa.url/login") `  -Method POST -Body $body -WebSession $ses ` -ContentType "application/x-www-form-urlencoded"

After successful login in, I'm making web request to the URL that contains the update info. The content received, I'm converting it from JSON:

$status = Invoke-WebRequest ` -uri ("https://cisco.wsa.url/security_services/url_filters/anti_malware") ` -websession $ses  

if (-not $? -or $status.Content -notmatch '\"https.*GetAvailabilityStatus.*\"') {
  return
}

$UpdateURL = $Matches[0].Replace('"',"")

$updates = Invoke-WebRequest -uri ($UpdateURL-websession $ses

$updates.Content | ConvertFrom-Json

And the output looks like :

Cisco DVS Object Type Rules                                          : Not Available
Cisco DVS Engine                                                     : Not Available
Cisco DVS Malware User Agent Rules                                   : Not Available
Cisco Web Usage Controls - Application Visibility and Control Data   : Not Available
Cisco URL Categories Database                                        : Not Available
Cisco Web Usage Controls - Web Categorization Categories List        : Not Available
Cisco URL Categories Database Incremental Updates                    : Not Available
McAfee Engine Definition                                             : Not Available
L4 Traffic Monitor Anti-Malware Rules                                : Not Available
Web Reputation Rules                                                 : Not Available
Sophos IDE                                                           : Not Available
Web Reputation IP Filters                                            : Not Available
Webroot Anti-Malware Engine                                          : Not Available
Advanced Malware Protection - Engine Definition                      : Not Available
McAfee DATs                                                          : Not Available
Cisco URL Filtering Engine                                           : Not Available
Cisco Web Usage Controls - Dynamic Content Analysis Engine Data      : Not Available
Cisco Web Usage Controls - Web Categorization Engine                 : Not Available
Cisco Web Usage Controls - Application Visibility and Control Engine : Not Available
Cisco Certificate Blacklist                                          : Not Available
Web Reputation Engine                                                : Not Available
Cisco Internal Certificates - Advanced Malware Protection            : Not Available
Time zone rules                                                      : Not Available
Webroot Malware Categories DATs                                      : Not Available
McAfee Anti-Malware Engine                                           : Not Available
Cisco Trusted Root Certificate Bundle                                : Not Available
Webroot Engine Definition                                            : Not Available
Sophos Engine                                                        : Not Available
Advanced Malware Protection - Cloud Configuration and Settings       : Not Available
Cisco Web Usage Controls - Web Categorization URL Keyword Filters    : Not Available
Cisco Web Usage Controls - Web Categorization Prefix Filters         : Not Available
Web Reputation Prefix Filters                                        : Not Available
Cisco Web Usage Controls - Dynamic Content Analysis Engine           : Not Available


I hope you will find this code useful. It can be used in different scenarios when there are no APIs (like this one for example), and you will like to automate some manual tasks.

Happy codding !

4 comments:

  1. Wow! this is Amazing! Do you know your hidden name meaning ? Click here to find your hidden name meaning

    ReplyDelete
  2. HP Laserjet M479Fdw Setup printer requires a proper driver and software for functioning properly. You have to go along some steps to complete the whole process. To know about the HP Laserjet M479Fdw setup you can contact our HP customer support team. Visit the HP support site for driver and software download.

    ReplyDelete
  3. Do you require HP printer setup for your mac operating system? Is your printer driver not suitable for macOS? Then visit the 123.hp.com/setup to get the software and driver for better functioning of your printer. You can also call our expert HP support team for services.

    ReplyDelete
  4. Hi this is SaiVijay, I'am from Chennai. I'am a technical writer for a digital marketing company in Chennai for more than five years. And its my own passion to choose this field. I have to write a creative articles, novels, documents. My hobbies are drawing, playing foot ball and playing cricket also. My most favorite one is "Be Tvastra" which one is the most memorable one in my works. I have suggest you to read the articles.
    Digital Marketing Company in Chennai
    Digital Marketing Agency in Chennai
    SEO services in Chennai
    SEO company in Chennai
    Web Design Company in Chennai
    Web Development Company in Chennai
    top 10 digital marketing companies in chennai
    digital marketing companies in chennai
    best digital marketing agency in chennai
    digital marketing companies in anna nagar
    seo services company in chennai
    Best SEO Companies In Chennai
    cheap seo in chennai

    ReplyDelete

Checking Cisco WSA For New Updates Availablity

In this post I will share my PowerShell code for querying the availability of new updates for Cisco WSA (Web Security Virtual Appliance). U...